FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-12-20 14:15:46 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
59e72db2-cae6-11e3-8420-00e0814cab4edjango -- multiple vulnerabilities

The Django project reports:

These releases address an unexpected code-execution issue, a caching issue which can expose CSRF tokens and a MySQL typecasting issue. While these issues present limited risk and may not affect all Django users, we encourage all users to evaluate their own risk and upgrade as soon as possible.


Discovery 2014-04-21
Entry 2014-04-23
Modified 2014-04-30
py26-django
>= 1.6 lt 1.6.3

py27-django
>= 1.6 lt 1.6.3

py31-django
>= 1.6 lt 1.6.3

py32-django
>= 1.6 lt 1.6.3

py33-django
>= 1.6 lt 1.6.3

py34-django
>= 1.6 lt 1.6.3

py26-django15
>= 1.5 lt 1.5.6

py27-django15
>= 1.5 lt 1.5.6

py31-django15
>= 1.5 lt 1.5.6

py32-django15
>= 1.5 lt 1.5.6

py33-django15
>= 1.5 lt 1.5.6

py34-django15
>= 1.5 lt 1.5.6

py26-django14
>= 1.4 lt 1.4.11

py27-django14
>= 1.4 lt 1.4.11

py31-django14
>= 1.4 lt 1.4.11

py32-django14
>= 1.4 lt 1.4.11

py33-django14
>= 1.4 lt 1.4.11

py34-django14
>= 1.4 lt 1.4.11

py26-django-devel
< 20140423,1

py27-django-devel
< 20140423,1

https://www.djangoproject.com/weblog/2014/apr/21/security/
CVE-2014-0472
CVE-2014-0473
CVE-2014-0474
3c5579f7-294a-11e4-99f6-00e0814cab4edjango -- multiple vulnerabilities

The Django project reports:

These releases address an issue with reverse() generating external URLs; a denial of service involving file uploads; a potential session hijacking issue in the remote-user middleware; and a data leak in the administrative interface. We encourage all users of Django to upgrade as soon as possible.


Discovery 2014-08-20
Entry 2014-08-21
py27-django
>= 1.6 lt 1.6.6

py27-django15
>= 1.5 lt 1.5.9

py27-django14
>= 1.4 lt 1.4.14

py32-django
>= 1.6 lt 1.6.6

py32-django15
>= 1.5 lt 1.5.9

py33-django
>= 1.6 lt 1.6.6

py33-django15
>= 1.5 lt 1.5.9

py34-django
>= 1.6 lt 1.6.6

py34-django15
>= 1.5 lt 1.5.9

py27-django-devel
< 20140821,1

py32-django-devel
< 20140821,1

py33-django-devel
< 20140821,1

py34-django-devel
< 20140821,1

https://www.djangoproject.com/weblog/2014/aug/20/security/
CVE-2014-0480
CVE-2014-0481
CVE-2014-0482
CVE-2014-0483